0001-views-fix-logout-is-user-is-already-logged-out-50155.patch
mellon/views.py | ||
---|---|---|
659 | 659 |
if logout: |
660 | 660 |
self.set_next_url(next_url) |
661 | 661 |
self.log.info('user logged out, SLO request sent to IdP') |
662 |
else: |
|
663 |
# anonymous user: is next_url is None redirect to referer |
|
664 |
return HttpResponseRedirect(next_url or referer) |
|
662 | 665 |
else: |
663 | 666 |
self.log.warning('logout refused referer %r is not of the same origin', referer) |
664 | 667 |
return HttpResponseRedirect(next_url) |
tests/test_sso_slo.py | ||
---|---|---|
233 | 233 |
assert 'created new user' in caplog.text |
234 | 234 |
assert 'logged in using SAML' in caplog.text |
235 | 235 |
assert urlparse.urlparse(response['Location']).path == '/whatever/' |
236 |
response = app.get(reverse('mellon_logout')) |
|
236 |
response = app.get(reverse('mellon_logout'), extra_environ={'HTTP_REFERER': '/some/path'})
|
|
237 | 237 |
assert urlparse.urlparse(response['Location']).path == '/singleLogout' |
238 |
# again, user is already logged out |
|
239 |
response = app.get(reverse('mellon_logout'), extra_environ={'HTTP_REFERER': '/some/path'}) |
|
240 |
assert urlparse.urlparse(response['Location']).path == '/some/path' |
|
238 | 241 | |
239 | 242 | |
240 | 243 |
def test_sso_idp_slo(db, app, idp, caplog, sp_settings): |
241 |
- |